Analysis
-
max time kernel
150s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
08/03/2024, 10:31
General
-
Target
2024-03-08_2d04b7097f8bc155ed8918b573ca07a0_mafia.exe
-
Size
468KB
-
MD5
2d04b7097f8bc155ed8918b573ca07a0
-
SHA1
35408ee9c3e76ebf8ab1f3a2d8ba05179024738b
-
SHA256
4161a1bee4a27fbea06883b4f5f66e1d4326c91a73a4e47a46548181bca31d28
-
SHA512
01fb251b396e37e9996785b2fd282e2824aa3bbc45d0cdc34ff91f3ce0bc9d9417957faa7d6b2105be96947dd4f5a10463a38c493a18a0cc84b4f8487f8486b5
-
SSDEEP
12288:qO4rfItL8HGPyMI8BCgIha5CoO/mfmRG7bWmeEVGL:qO4rQtGGK3kzU/FGumeEVGL
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-08_2d04b7097f8bc155ed8918b573ca07a0_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-08_2d04b7097f8bc155ed8918b573ca07a0_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\659F.tmp"C:\Users\Admin\AppData\Local\Temp\659F.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-03-08_2d04b7097f8bc155ed8918b573ca07a0_mafia.exe 56DD65DED0E0E72663FB389B6FF18654CA5468435D54D472C20246C49895E89FEBC09BB54F0C0082E222C0A88FFBE8780CFB4A2E4C789BA5C04781D2FF2F84482⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
468KB
MD5ced3938b2ce8466c70791be6cc6b17d0
SHA1c7c824450b8dd095b1e69b5c907d91041714cd0b
SHA2568fae1a442834330234217ab5eb13e831aad3525fa53b896b36123a89369736c8
SHA5125006b4c97905d04283a1369c7093681e0bc72d9aa46fc2b4b3294727f1b6a25c41a9ba67a68230b090060fb6d60f5941e3911bf40138ce381a64b0c2bbdf572b